Security Directory

DNSCrypt.info is the official project home page for the DNSCrypt protocol, which enhances DNS security by encrypting and authenticating DNS communications. The project provides multiple protocol implementations including DNSCrypt version 2, DNS-over-HTTPS (DoH), and DNS-over-TLS (DoT), targeting users and organizations seeking to improve their DNS privacy and security. The website serves as a distribution point for official servers and clients across major platforms including Windows, macOS, Linux, Android, and iOS. The project operates as an open source initiative with a focus on security and privacy enhancement in the DNS ecosystem. Technically, the website is built using modern frontend technologies such as Vue.js and Vuetify, delivering a responsive and user-friendly interface. The site is well-structured with appropriate meta tags and JSON-LD structured data describing the software application, aiding SEO and discoverability. Performance is moderate with good mobile optimization, although accessibility features could be improved. The site uses HTTPS exclusively, ensuring secure communications. From a security perspective, the website demonstrates good practices including HTTPS enforcement and no visible exposure of sensitive data. However, it lacks several security headers that could further harden the site. There is no visible privacy policy, cookie policy, or terms of service, which are important for compliance and user trust. Contact information and incident response channels are not explicitly provided, limiting transparency. No vulnerability disclosure or security.txt files were found, which could be improved to encourage responsible reporting. Overall, DNSCrypt.info presents a trustworthy and professional presence for the DNSCrypt project, with a strong focus on DNS security technology. The lack of explicit privacy and contact policies slightly reduces compliance and trust scores but is understandable given the open source nature of the project. Strategic improvements in privacy disclosures, security headers, and incident response transparency would enhance the site's security posture and user confidence.

M

MONDO, Inc.

yumama.com

54

Yumama is a well-established Serbian parenting and family media portal operated under MONDO, Inc., founded in 2008. It provides comprehensive content focused on pregnancy, child development, and family life, targeting parents and prospective parents in Serbia and the surrounding region. The website enjoys a strong market position as a leading parental guide with a medium-sized audience and a business model centered on content publishing and advertising revenue, supplemented by membership features. Technically, Yumama employs modern web technologies including Nuxt.js and Vue.js, integrates multiple analytics and advertising platforms, and demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS, uses consent management for GDPR compliance, and shows no critical vulnerabilities, although DNSSEC is not enabled and some advanced security headers could be added. Overall, Yumama presents a professional, trustworthy, and user-friendly experience with clear privacy and cookie policies, active social media presence, and consistent branding. Strategic recommendations include enhancing DNS security, publishing a formal security policy, and continuing to monitor third-party scripts for vulnerabilities.

E

elle.rs

elle.rs

47

elle.rs is the Serbian edition of the internationally recognized ELLE magazine brand, focusing on fashion, beauty, lifestyle, and culture content for a Serbian-speaking audience. The website is well-established since 2008 and operates under a reputable media network (WMG Media). It offers rich editorial content, subscription options, and maintains active social media channels. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, integrates multiple analytics and advertising technologies, and implements a comprehensive cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no critical vulnerabilities detected, though DNSSEC is not enabled and some security headers could be improved. Overall, elle.rs presents a professional, trustworthy, and user-friendly media platform with extensive tracking and advertising integrations typical for commercial media sites.

M

MONDO, Inc.

story.hr

49

Story.hr is a prominent Croatian media portal specializing in lifestyle, celebrity news, and general entertainment content. Operated by MONDO, Inc., it maintains a strong market presence with multiple subsidiary brands such as Roditelji.hr and Sensa.hr, targeting a broad general audience interested in news, lifestyle, and entertainment. The website features a professional design, clear navigation, and regularly updated content, supporting its position as a leading media outlet in Croatia. Technically, the site leverages modern web frameworks like Nuxt.js and Vue.js, integrates multiple analytics and advertising platforms, and employs best practices in security such as HTTPS and security headers. Privacy compliance is well addressed with comprehensive policies and consent mechanisms, aligning with GDPR requirements. However, direct contact information and explicit security policies are not prominently published, which could be improved. Overall, the site demonstrates a mature digital infrastructure and a solid security posture, making it a trustworthy and professional media platform.

S

Siemens

siemens.com

77

Siemens is a globally recognized technology leader specializing in industry, infrastructure, and mobility solutions driven by digital transformation. The website reflects a mature enterprise with a strong market position and a comprehensive portfolio of services including industry automation, infrastructure solutions, and mobility technologies. The digital presence is modern, leveraging advanced web technologies such as Vue.js, Apollo GraphQL, and integrated analytics platforms like Matomo and Adobe Analytics. Privacy and cookie policies are well established with active consent management, indicating compliance with GDPR and related regulations. Security posture is solid with HTTPS enforcement and consent-based tracking, though additional security headers and explicit security policies could enhance protection. The absence of WHOIS data is noted but likely due to registry privacy or query limitations rather than suspicious activity. Overall, the site demonstrates high professionalism, trustworthiness, and technical sophistication suitable for an enterprise of Siemens' stature.

V

Verein Industrienacht Basel

industrienacht.com

58

Industrienacht is a regional event organizer based in Basel, Switzerland, focused on showcasing industrial workplaces and companies in the Basel region. Established in 2019, it has grown to attract significant visitor numbers, with 16,000 attendees in 2025. The organization operates primarily as a non-profit or association (Verein) promoting industrial awareness and engagement through events, tours, and information dissemination. The website serves as a portal for event information, ticket sales, and newsletter subscriptions, targeting the general public interested in industry and regional economic activities. Technically, the website is built on modern JavaScript frameworks Nuxt.js and Vue.js, indicating a contemporary digital infrastructure. It integrates Google Tag Manager for analytics and Mailchimp for newsletter management. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Hosting details are not explicit, but the domain is registered with GoDaddy and uses a custom or headless CMS likely provided by Prolog Digital. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and a cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is transparent and consistent with the business claims, enhancing trustworthiness. Social media presence and reputable sponsors further strengthen credibility. Overall, the website is professional, secure, and compliant with GDPR, though improvements in cookie consent and security headers are recommended to enhance privacy and security posture.

S

Switch

switch.ch

80

Switch is a Swiss foundation established in 1987 that provides critical network infrastructure and digital services to the Swiss education and research sectors. It operates as a trusted national research and education network operator, managing domain registries (.ch and .li), digital identity solutions, cloud services, and cybersecurity offerings. The organization is well-positioned as a key enabler of secure and sustainable digital connectivity for universities and research institutions in Switzerland. Technically, the website leverages modern frameworks such as Vue.js and Nuxt.js, with good performance, mobile optimization, and accessibility. The presence of a cookie consent banner and a comprehensive privacy policy indicates good privacy compliance. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and incident response information are not publicly documented. Overall, the domain registration and website content are consistent and legitimate, reflecting a mature and trustworthy organization.

N

Nelisa s.r.o.

nelisa.com

61

Nelisa s.r.o. operates a SaaS platform specializing in recruitment campaign automation, leveraging programmatic job advertising to connect companies with the right candidates efficiently. Positioned as a leading solution with over 700 satisfied companies, Nelisa offers multi-channel job ad distribution, copywriting services, and detailed reporting to optimize recruitment efforts. The company is part of the Alma Career family, indicating a strong market presence in Central Europe. Technically, the website employs modern frameworks such as Vue.js and Tailwind CSS, hosted on DigitalOcean, with extensive use of analytics and marketing tools including Google Tag Manager, TikTok Analytics, and Piwik PRO. Security posture is solid with HTTPS enforced and secure script handling, though improvements like DNSSEC and enhanced security headers are recommended. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Nelisa presents a professional, trustworthy, and technically mature digital presence.

P

Profesia, spol. s r. o.

profesia.cz

61

Profesia.cz is a leading Czech job portal operated by Profesia, spol. s r. o., affiliated with the Alma Career group. The website offers comprehensive job listings, CV creation tools, career advice, salary comparisons, and online courses, targeting job seekers and employers primarily in the Czech Republic. The site is professionally designed, mobile-optimized, and provides a rich user experience with clear navigation and relevant content. Technically, it employs modern web technologies including Vue.js, Bootstrap, and integrates analytics and advertising tools such as Google Tag Manager and Microsoft Clarity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong, with GDPR-aligned policies and transparent cookie management. The absence of WHOIS data limits domain registration trust analysis, but the website's affiliation with Alma Career and professional presentation support its legitimacy. Overall, Profesia.cz represents a mature, trustworthy online employment platform with good technical and security standards.

A

Alma Career Croatia d.o.o.

mojposao.hr

60

MojPosao.hr is a leading Croatian online job portal operated by Alma Career Croatia d.o.o., offering a comprehensive platform for job seekers and employers. The website provides extensive job listings, employer profiles, salary calculators, and career advice, positioning itself as a key player in the Croatian employment market. The site is part of the Alma Career family, which operates multiple regional job portals, enhancing its market reach and credibility. Technically, the website leverages modern frameworks such as Vue.js and Nuxt.js, ensuring a responsive and performant user experience across devices. Integration with major analytics and marketing tools like Google Analytics and Facebook SDK supports data-driven decision-making and targeted advertising. Security-wise, the site enforces HTTPS, employs standard security headers, and implements cookie consent mechanisms, reflecting a mature security posture. However, there is room for improvement in publishing explicit security policies and incident response contacts. Overall, MojPosao.hr demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for employment services in Croatia.

H

Hrvatski Telekom d.d.

kekspay.hr

62

KEKS Pay is a Croatian financial technology service offering a mobile application for fast, no-fee money transfers, bill payments, parking payments, and other financial transactions. Sponsored by Erste Banka and registered under Hrvatski Telekom d.d., the platform targets both individual consumers and business users, providing a convenient and secure payment ecosystem. The website is professionally designed, mobile-optimized, and provides clear information about its services and privacy practices. Technically, it leverages modern JavaScript frameworks (Vue.js, Nuxt.js) and integrates with major app stores for broad platform support. Security practices include encryption, biometric and PIN protection, and compliance with EU standards, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-maintained, and compliant with GDPR, with a strong market position in Croatia's fintech sector.

H

Hrvatska udruga za odnose s javnošću

huoj.hr

56

Hrvatska udruga za odnose s javnošću (HUOJ) is a Croatian non-profit professional association dedicated to public relations and communication experts. It focuses on education, professional development, member information, and enhancing the standards and reputation of the PR profession in Croatia. The website serves as a portal for news, projects, membership information, and events, positioning HUOJ as a leading organization in its sector. Technically, the site is built using modern JavaScript frameworks Vue.js and Nuxt.js, with good mobile optimization and moderate performance. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though no explicit security or incident response policies are published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Maistra d.d.

maistra.com

71

Maistra d.d. is a leading Croatian hospitality company operating a portfolio of hotels, resorts, and campsites primarily in Rovinj, Vrsar, Dubrovnik, and Zagreb. The company is part of the Adris Group and targets tourists seeking premium accommodation and unique experiences in Croatia. The website offers comprehensive booking services, loyalty programs, and curated travel experiences, positioning Maistra as a prominent player in the Croatian tourism market. Technically, the website is built using modern frameworks such as Hugo and Vue.js, with integrations for analytics and error monitoring, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, although public security policies and incident response contacts are not disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is a notable anomaly but does not significantly detract from the overall legitimacy given the professional presentation and external trust signals. Overall, Maistra's website demonstrates a high level of professionalism, technical sophistication, and user experience suitable for a large hospitality enterprise.

A

Alma Career Croatia d.o.o.

moj-posao.net

60

MojPosao.hr is a leading Croatian job portal operated by Alma Career Croatia d.o.o., offering a comprehensive platform for job seekers and employers. The website provides extensive job listings, employer profiles, salary calculators, and career advice, positioning itself as a key player in the Croatian employment market. The site is part of the larger Alma Career group, which operates multiple regional job portals, enhancing its market reach and credibility. Technically, the website leverages modern frameworks such as Vue.js and Nuxt.js, ensuring a responsive and user-friendly experience across devices. Integration with Google Tag Manager and Facebook SDK supports marketing and analytics efforts, while a cookie consent manager ensures compliance with privacy regulations. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly detailed. Overall, MojPosao.hr demonstrates a mature digital presence with good privacy compliance and business transparency, making it a trustworthy platform for employment services in Croatia.

N

Next AG

nextag.ch

64

Next AG is a well-established Swiss web agency based in St. Gallen, specializing in online shops, websites, interfaces, and web design primarily for the Ostschweiz region. The company offers a full suite of digital services including CMS-based websites, e-commerce solutions with Shopware and WooCommerce, custom software development, and SEO services. Their market position is reinforced by certifications such as Shopware Business Partner and Abacus E-Business consultant, alongside a portfolio of client references and success stories. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content.

S

SIDEARM Sports

sidearmsports.com

67

SIDEARM Sports is a well-established technology company specializing in digital fan engagement solutions tailored for the sports industry. With over a decade of experience since its founding in 2009, it offers a comprehensive suite of services including official athletics websites, mobile applications, and streaming platforms. The company holds a strong market position as an industry leader, supported by its affiliation with Learfield, a recognized parent company in sports marketing. The website reflects a professional and modern digital presence, targeting sports organizations and fans to enhance engagement and brand building.

W

Webling Vereinssoftware

webling.ch

55

Webling.ch is a well-established Swiss online software provider specializing in club and association management. The company offers a comprehensive SaaS platform that covers membership management, accounting, event organization, and communication tools tailored for clubs of all sizes. With over 15 years of experience and a strong customer base exceeding 8000 clubs, Webling positions itself as a trusted and user-friendly solution in the non-profit sector. The website reflects a professional and modern digital presence, leveraging advanced web technologies such as Nuxt.js and Vue.js, ensuring fast performance and excellent mobile responsiveness. Security practices are robust, including HTTPS enforcement, Swiss-based hosting, daily backups, and compliance with GDPR and Swiss data protection laws. However, the site lacks visible cookie consent mechanisms and explicit terms of service or security incident response contacts, which are areas for improvement. Overall, Webling demonstrates a mature technical infrastructure and a strong market position with high trust indicators.

The Swiss Young Academy (SYA) is a non-profit academic network that connects young researchers across diverse scientific disciplines in Switzerland. It serves as the young voice of the Swiss Academies of Arts and Sciences, fostering inter- and transdisciplinary exchange and supporting innovative ideas through mentoring, project funding, and joint initiatives. The website reflects a well-established organization with a clear mission targeting early and mid-career researchers. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, with optimized performance and mobile responsiveness. Security posture is strong with HTTPS and good practices, though explicit security policies and incident response contacts are not found. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned within the Swiss academic ecosystem.

The Schweizerische Kommission für Polar- und Höhenforschung SKPH is a Swiss scientific commission dedicated to representing and supporting the scientific community in polar and high-altitude research. It operates as a strategic body within the Swiss Academies of Sciences, promoting research interests nationally and internationally, and fostering young researchers through awards such as the Prix de Quervain. The website reflects a professional and well-maintained digital presence, leveraging modern web technologies including Nuxt.js and Vue.js, with a focus on accessibility, mobile optimization, and performance. Security posture is strong with HTTPS enforcement and appropriate security headers, though there is room for improvement in privacy compliance, particularly regarding cookie consent and formal security policies. Overall, the site is trustworthy, well-branded, and serves its target audience effectively.

The Nationales Netzwerk für wissenschaftliche Beratung is a Swiss national scientific advisory network providing independent expertise to federal and cantonal governments for crisis prevention and management. It collaborates closely with major Swiss scientific institutions and operates thematic clusters in key areas such as public health, cybersecurity, disinformation, and international challenges. The website is professionally designed, multilingual, and targets policymakers and scientific experts. Technically, it employs modern frameworks like Nuxt.js and Vue.js, with a performant and mobile-optimized infrastructure. Security posture is strong with HTTPS and security headers, though it lacks published security policies and cookie consent mechanisms. Overall, the site is trustworthy, well-maintained, and aligned with its governmental and scientific mission.

H

Hotmart

hotmart.com

77

Hotmart is a well-established digital platform founded in 2006, specializing in enabling creators to sell and distribute digital products globally. The platform offers a comprehensive suite of tools for building, monetizing, and managing digital content such as courses, memberships, and events. Hotmart positions itself as a leader in the e-commerce and digital education sectors, targeting content creators and entrepreneurs worldwide. The website demonstrates a high level of professionalism, with clear navigation, multilingual support, and strong branding consistency. Technically, Hotmart employs modern web technologies including Nuxt.js and Vue.js, hosted on AWS infrastructure, ensuring fast performance and mobile optimization. Security is robust with HTTPS enforced, multiple security headers, and secure payment processing with fraud detection. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. Overall, Hotmart presents a trustworthy and mature digital business platform with a solid security posture and excellent user experience.

B

Bandcamp

bandcamp.com

57

Bandcamp is a well-established online music marketplace and streaming platform founded in 2003, focused on empowering independent artists to sell music and merchandise directly to fans. The platform offers a rich user experience with editorial content, live events, and a strong community focus. Technically, Bandcamp employs modern web technologies including Vue.js, Stripe for payments, and Google Tag Manager for analytics, hosted on Google Cloud infrastructure. Security posture is strong with HTTPS, domain status locks, and reCAPTCHA Enterprise integration, though DNSSEC is not enabled. Privacy compliance is robust with clear policies and cookie consent mechanisms. Overall, Bandcamp presents a professional, trustworthy, and secure platform with a high level of digital maturity.

K

Kenya Airways

kenya-airways.com

77

Kenya Airways is a leading African airline and a member of the Sky Team Alliance, operating flights to over 40 destinations worldwide. The company holds a strong market position in the African transportation sector, recognized by multiple prestigious awards such as Africa's Leading Airline in 2024. The website reflects a mature digital presence with multi-language support and modern web technologies including Vue.js and Microsoft Application Insights for analytics. Security posture is robust with HTTPS enforcement, security headers, and cookie consent mechanisms, although public security policies and vulnerability disclosures are absent. Overall, the site demonstrates professionalism and trustworthiness, supporting Kenya Airways' brand as a major airline in Africa.

F

Fairfax County Economic Development Authority

fairfaxcountyeda.org

58

Fairfax County Economic Development Authority (FCEDA) operates as a government entity focused on promoting business growth and economic development in the Fairfax NOVA region. The website serves as a comprehensive portal offering resources, insights, and support for businesses looking to invest, relocate, or expand in Northern Virginia. FCEDA positions itself as a key regional economic development authority with a strong emphasis on sectors such as technology, government contracting, real estate, and transportation. The site highlights major employers, workforce demographics, capital investment incentives, and business mentoring programs, targeting business leaders, entrepreneurs, and investors. Technically, the website is built on WordPress with modern frameworks like Vue.js and uses advanced tools such as Google Tag Manager and Osano for consent management. The site is well-optimized for SEO, mobile-friendly, and incorporates structured data for enhanced search engine visibility. Performance is moderate with good accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some advanced security headers like Content-Security-Policy. The domain is long-established and registered with a reputable registrar, showing strong legitimacy and domain security practices. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for FCEDA, supporting its mission to attract and support businesses in the Fairfax NOVA region. Strategic recommendations include enhancing security headers, enabling DNSSEC, and publishing explicit security and incident response policies to further strengthen trust and compliance.

L

Latvijas Mobilais Telefons

lmt.lv

56

Latvijas Mobilais Telefons (LMT) is a leading telecommunications provider in Latvia, offering a wide range of mobile telephony, internet, and entertainment services. The company maintains a strong market position with extensive 5G coverage and a comprehensive retail offering of devices and accessories. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization, targeting both private consumers and business clients in Latvia. Technically, the site leverages modern frameworks such as Nuxt.js and Vue.js, hosted on Amazon Cloudfront CDN, ensuring fast performance and good accessibility. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website and domain WHOIS data align well, indicating a trustworthy and legitimate business entity.

O

Oxford Nanopore Technologies

nanoporetech.com

76

Oxford Nanopore Technologies is a leading UK-based biotechnology company specializing in nanopore sequencing technology. Their innovative platform enables real-time, scalable DNA and RNA sequencing with applications across research, clinical, and biopharma sectors. The company maintains a strong market position with a comprehensive product portfolio including sequencing devices, consumables, and software solutions. Their website reflects a mature digital presence with excellent content quality, user experience, and technical infrastructure hosted on AWS with modern frameworks like Vue.js. Security posture is strong with HTTPS enforcement, security headers, and domain registration best practices, though minor improvements like DNSSEC and explicit security policies could enhance trust further. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and credibility, supporting Oxford Nanopore's reputation as a trusted innovator in genomic technologies.

Oxford Nanopore Technologies is a leading biotechnology company specializing in nanopore sequencing technology that enables analysis of DNA and RNA with high accuracy and scalability. The company targets researchers, healthcare professionals, and biopharma sectors with a comprehensive portfolio of sequencing devices, library preparation kits, and data analysis software. Their website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site leverages modern frameworks such as Vue.js and Nuxt.js, hosted likely on AWS infrastructure, and integrates multiple analytics and marketing tools to optimize user engagement and performance. Security posture is strong with HTTPS enforcement, security headers, and domain lock status, though there is room for improvement in publishing explicit security policies and vulnerability disclosure mechanisms. Overall, the domain registration data aligns well with the company's history and legitimacy, supporting a high trustworthiness rating.

Z

Zürich Tourismus

zuerich.com

59

Zürich Tourismus operates the official city guide website zuerich.com, providing comprehensive information on tourism, events, accommodations, and travel tips for visitors to Zurich, Switzerland. The site targets tourists and visitors, offering a rich user experience with modern web technologies such as Nuxt.js and Vue.js. The website demonstrates a high level of digital maturity with excellent design, mobile optimization, and SEO practices. Security posture is strong with HTTPS, security headers, and cookie consent management, although explicit security policies and incident response details are not published. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, but the professional content and branding mitigate some risk. Overall, the site is a trusted resource for Zurich tourism but would benefit from improved transparency in domain registration and security disclosures.

T

Welcome to THE LÄND

thelaend.de

54

The website 'THE LÄND' presents itself as Europe's leading innovation region, targeting professionals and career seekers interested in high-quality life and career opportunities in Germany. The content is professionally designed, leveraging modern web technologies such as Vue.js, Nuxt.js, and Storyblok CMS, indicating a mature digital infrastructure. However, the site lacks explicit privacy and cookie policies, as well as clear contact information, which are critical for compliance and user trust. Security posture appears minimal with no detected security headers or incident response contacts. The presence of Piwik PRO analytics suggests moderate user tracking without visible consent mechanisms. Overall, the site is accessible and safe, but improvements in privacy compliance and security best practices are recommended.

M

Media One Group

rockstarradio.ch

47

Rockstar is a digital radio station operated by Media One Group, focusing on rock music from the 1960s to today. The website serves as a streaming platform and brand presence for the radio station, targeting rock music enthusiasts primarily in Switzerland. The site uses modern web technologies including Vue.js and Nuxt.js, and integrates Google Tag Manager and Axeptio for analytics and consent management, although no explicit cookie or privacy policies are published. Social media presence on Instagram and Facebook supports audience engagement. Technically, the website is well-structured with responsive design and moderate performance. However, security posture is moderate due to lack of visible security headers and absence of published security or privacy policies. The domain uses privacy protection in WHOIS, which is common and acceptable for media entities, and no suspicious patterns were detected. The site content is safe for general audiences with no adult or explicit material. Overall, the website is professionally presented and credible as a niche digital radio station. Key improvements include publishing privacy and cookie policies, adding security headers, and providing clear contact information to enhance trust and compliance. These steps will strengthen the security posture and privacy compliance, aligning with best practices for media websites.

M

Media One Group

kisscollector.ch

48

Kiss Collector is a digital radio station operated by Media One Group, targeting French-speaking audiences interested in classic hits from the 1970s and 1980s. The website offers streaming services with a focus on nostalgic music content, positioning itself as a niche media outlet within Switzerland. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, with integration of Google Tag Manager for analytics and Axeptio for consent management, indicating a moderate level of digital maturity. The site is mobile optimized and presents a professional design with consistent branding. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies, and no explicit contact information is provided for users or security incidents. Overall, the website is functional and trustworthy but would benefit from enhanced compliance and security transparency.

I

Interhome AG

interhome.ch

67

Interhome AG is a well-established Swiss company specializing in the rental of holiday homes, apartments, and chalets across Europe. With a founding date in 1965 and a parent company relationship to Hotelplan Group, Interhome holds a strong market position in the European hospitality sector. The website serves tourists and holidaymakers seeking vacation rentals, offering a broad portfolio of properties. Technically, the site employs modern web technologies including Vue.js and Tailwind CSS, with integrations for Google Analytics and Tag Manager, reflecting a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security-wise, the website enforces HTTPS, uses modern security headers, and shows no signs of vulnerabilities or exposed sensitive data. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligned with the company's business claims.

The website 'Advertising Week Asia2025' appears to be a digital presence for an advertising event scheduled for the year 2025. The site uses modern frontend technologies such as Vue.js and Vuetify, indicating a contemporary UI framework choice. However, the content is minimal with no substantive business descriptions, contact information, or privacy and security policies published. The domain registration data is unusual, showing a creation date in the future (July 2025), which raises questions about the domain's current legitimacy or if it is a placeholder site. Security posture is basic with no DNSSEC enabled and no security headers detected. There is no evidence of analytics or advertising tracking scripts, and no forms or data collection mechanisms are present on the site. Overall, the site is accessible but lacks critical business and compliance information.

C

Carac Media SA

carac.tv

48

Carac Media SA operates carac.tv, a Swiss French-language media platform offering live TV streaming, replay content, and program guides. Positioned as a niche broadcaster under Media One Group, it targets Swiss viewers interested in character-based TV content. The website employs modern web technologies including Nuxt.js and Vue.js, integrates advertising via Smart AdServer, and uses Google Tag Manager for analytics. Cookie consent is managed through Axept.io, reflecting some privacy compliance efforts. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of explicit privacy policies and security incident contacts indicates room for improvement. Overall, the site is professional, trustworthy, and well-branded, serving its audience effectively.

B

Bits of Freedom

jouwplatformrechten.nl

60

The website 'Blijf Luid | Bits of Freedom' is an advocacy platform focused on informing users about their digital rights and new European regulations that empower users to claim their online space more freely and autonomously. It is operated by Bits of Freedom, a non-profit organization based in the Netherlands. The site targets a general audience interested in digital rights and platform freedoms, providing educational content and advocacy resources. Technically, the site is built using modern JavaScript frameworks such as Nuxt.js and Vue.js, with custom fonts and a responsive design optimized for mobile devices. Matomo analytics is employed, reflecting a privacy-conscious approach to user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and security policy pages suggests room for improvement. Privacy compliance is limited due to the lack of visible privacy and cookie policies. Overall, the site is professional and trustworthy but could enhance transparency and compliance by publishing relevant policies and contact information.

Dynadot is a domain registrar and web hosting company providing domain registration, management, and hosting services primarily targeting individuals and businesses seeking online presence solutions. The company positions itself as a reliable and established player in the domain registration market with a global customer base. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content to support its business model. Technically, Dynadot employs modern web technologies including Vue.js and integrates marketing and analytics tools such as Facebook and TikTok pixels. The site is hosted behind Cloudflare infrastructure, leveraging security features like Turnstile CAPTCHA to mitigate bot traffic. Performance and SEO optimizations are adequate, with good accessibility features. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes standard security headers. However, there is no publicly available security policy, incident response contact, or vulnerability disclosure program, which are areas for improvement. The absence of WHOIS data raises questions about domain registration transparency, although the website content and business information appear legitimate. Overall, Dynadot presents a solid online presence with good security posture and privacy compliance, but would benefit from enhanced transparency in domain registration data and formal security policies to strengthen trust and compliance posture.

A

Airbase Inc.

airbase.io

61

Airbase Inc., now a part of Paylocity, offers an integrated cloud-based platform that combines payroll and non-payroll spend management to provide businesses with real-time financial visibility and control. The company targets enterprises seeking unified HR and financial solutions, leveraging Paylocity's established market presence to enhance its offerings. The website reflects a mature digital presence with professional branding and comprehensive service descriptions aligned with its business model. Technically, the site is built on WordPress with modern JavaScript frameworks and analytics tools, ensuring good performance and user experience across devices. Security posture is strong with HTTPS enforcement, security headers, and error monitoring via Rollbar, though some compliance aspects like cookie consent and public security policies could be improved. WHOIS data is unavailable, likely due to privacy protection, but the overall legitimacy is supported by consistent branding and parent company association. Strategic recommendations include enhancing privacy compliance mechanisms and publishing security policies to bolster trust and regulatory adherence.

T

TinyURL LLC

tinyurl.com

73

TinyURL LLC operates a well-established URL shortening service since 2002, offering free and paid plans with advanced features such as branded domains and detailed analytics. The company targets a broad audience including general internet users, marketers, and businesses seeking link management solutions. The website demonstrates a mature digital presence with modern technologies like Vue.js and secure payment integrations via Stripe and Paddle. Advertising is integrated through reputable networks with moderate tracking. Security posture is strong with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is robust with clear policies and consent mechanisms. Overall, TinyURL presents a trustworthy and professional service with a solid market position.

E

EPFL Alumni

epflalumni.ch

57

EPFL Alumni operates as the official alumni community platform for graduates of the École Polytechnique Fédérale de Lausanne (EPFL) in Switzerland. The website provides a comprehensive suite of services including networking, career support, event management, mentoring programs, and company engagement. It targets alumni, recruiters, companies, and the broader EPFL community, positioning itself as a key facilitator of lifelong connections and professional development within the EPFL ecosystem. The platform supports multiple languages and offers OAuth-based secure login options, enhancing user experience and security. Technically, the website leverages modern web technologies such as Vue.js, Google Analytics, Google Tag Manager, and Google Maps API, integrated within a custom CMS framework tailored for alumni networks. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses secure authentication methods. However, some standard security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, suggesting potential areas for improvement. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling. Overall, EPFL Alumni presents a professional, trustworthy, and well-maintained digital presence that effectively serves its community. Strategic enhancements in security headers and accessibility would further strengthen its posture and user trust.

G

gibb Berufsschule Bern

gibb.ch

72

The gibb Berufsschule Bern is the largest vocational school in Switzerland, offering over 60 professions and diverse further education programs. The website reflects a professional educational institution targeting students and apprentices seeking vocational training and general education. The technical infrastructure is modern, leveraging Vue.js, Nuxt.js, Tailwind CSS, and Swiper.js, with analytics provided by Fathom Analytics, indicating a focus on privacy-conscious minimal tracking. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned but would benefit from enhanced privacy and security disclosures.

G

GitLab Inc.

gitlab.com

70

GitLab Inc. operates a leading AI-powered DevSecOps platform that integrates planning, development, security, and operations into a single application. The company targets developers, DevOps, and security teams, offering a comprehensive SaaS solution that accelerates secure software delivery. Positioned as a market leader, GitLab emphasizes collaboration and automation to enhance software development efficiency. The website reflects a mature enterprise with consistent branding and high-quality content, reinforcing its strong market presence. Technically, the site employs modern JavaScript frameworks such as Vue.js and Nuxt.js, alongside industry-standard marketing and analytics tools including Google Tag Manager, Optimizely, and Marketo. The platform demonstrates excellent performance, mobile optimization, and good accessibility, indicating a high level of digital maturity and user experience focus. From a security perspective, GitLab maintains robust practices including HTTPS enforcement, comprehensive security headers, and a transparent incident response program. Certifications like ISO 27001 and SOC 2 Type II further attest to their commitment to security and compliance. The presence of detailed privacy and cookie policies with consent mechanisms highlights strong privacy compliance aligned with GDPR requirements. Overall, GitLab's website and domain exhibit high trustworthiness and professionalism, with no indications of vulnerabilities or suspicious activity. The WHOIS data for the subdomain is unavailable, which is typical and expected for subdomains. The site is fully accessible without WAF or blocking mechanisms, enabling thorough analysis.

C

Canto

imagerelay.com

77

Canto is a technology company specializing in digital asset management and product information management solutions, having evolved from Image Relay. The company positions itself as a leader in the DAM market with integrated PIM capabilities, targeting product-driven brands and dynamic teams. Their platform offers centralized management of product images, descriptions, and specifications, combined with collaboration tools and integrations to accelerate go-to-market strategies. Technically, the website is built on modern frameworks such as Vue.js and employs a variety of marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Hotjar. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Security-wise, the site enforces HTTPS and uses a consent management platform for privacy compliance, though explicit security headers are not detected in the HTML source, indicating room for improvement. The absence of WHOIS data reduces trust slightly but the professional presentation and comprehensive policies support a strong legitimacy profile. Overall, the website demonstrates a mature digital presence with good security posture and privacy compliance.

D

Die Deutschen Auslandshandelskammern

ahk.de

61

Die Deutschen Auslandshandelskammern (AHK) operate as a globally recognized network representing German business interests in over 90 countries with 150 locations. They provide comprehensive support for German companies entering or expanding in foreign markets, including legal, cultural, and market advisory services. The organization is well-positioned as a government-affiliated entity with strong partnerships with key German economic institutions. Technically, the website is built on a modern CMS (Ibexa DXP) with Vue.js components and uses Piwik PRO for analytics, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit security policies and incident response details are not publicly disclosed. Overall, the website is professional, trustworthy, and well-aligned with its business mission.

M

MSC Cruises Australia

msccruises.com.au

76

MSC Cruises Australia operates as a regional branch of the global MSC Cruises S.A., providing cruise holiday services focused on destinations such as the Mediterranean, Caribbean, and worldwide. The website targets general consumers interested in cruise vacations, offering booking, deals, and onboard experience information. The company holds a strong market position as a major international cruise line with a localized Australian presence. Technically, the website employs modern JavaScript frameworks like Vue.js, integrates marketing and analytics tools such as Marketo and Google Tag Manager, and uses Akamai for hosting and CDN services. The site is mobile-optimized and SEO-friendly, with good performance and accessibility features. Security posture is strong with HTTPS enforcement, security headers, and consent management, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the domain shows privacy protection typical for large enterprises, with no suspicious WHOIS data. The site is professional, trustworthy, and compliant with GDPR and cookie regulations.

N

Naef Holding S.A.

naef-commercial.ch

48

Naef Commercial Knight Frank is a Swiss real estate company specializing in commercial and investment properties, offering tailored services such as property rental, sales, valuation, and asset management. The company operates primarily in Geneva, Vaud, and Neuchâtel, positioning itself as a key player in the Swiss real estate market. The website reflects a mature digital presence with modern technologies including Vue.js, Google Tag Manager, and a cookie consent mechanism, ensuring good user experience and compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security and incident response policies are not published. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

N

Naef Holding S.A.

naef-invest.ch

48

Naef Commercial Knight Frank is a reputable Swiss real estate company specializing in commercial and investment properties. The company operates primarily in Geneva, Vaud, and Neuchâtel, offering services such as property rental, sales, valuation, and asset management. Their website reflects a professional market position with clear service offerings targeting property owners, investors, and tenants. Technically, the site uses modern JavaScript frameworks like Vue.js and integrates third-party libraries for enhanced user experience. Privacy and cookie consent are managed effectively with a recognized consent management platform. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. Overall, the website is well-maintained, trustworthy, and compliant with GDPR requirements.

M

MSC Cruceros Latam

msccruceros.com

70

MSC Cruceros Latam operates as the Latin American regional website for MSC Cruises, a major global cruise line. The website offers cruise vacation bookings, deals, and onboard experience information primarily targeting Spanish-speaking customers in Latin America. It is part of the larger MSC Cruises International group, reflecting a strong market position in the transportation and hospitality sectors. The site is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site uses modern JavaScript frameworks like Vue.js, integrates marketing and analytics tools such as Marketo and Google Tag Manager, and is hosted on a robust CDN infrastructure (Akamai). Security posture is strong with HTTPS enforced and cookie consent mechanisms aligned with GDPR requirements. However, the absence of WHOIS data for the domain is unusual and merits further investigation to confirm domain registration legitimacy. Overall, the site demonstrates a mature digital presence suitable for a large enterprise in the travel industry.

M

MSC Cruises Australia & New Zealand

msccruises.co.nz

75

MSC Cruises Australia & New Zealand operates a professional and well-branded website offering cruise holidays primarily in the Mediterranean, Caribbean, Emirates, and worldwide. The site targets general consumers interested in cruise vacations, providing detailed information on cruise deals, destinations, ships, excursions, and onboard experiences. The business is positioned as a major player in the cruise industry with a strong regional presence and is a subsidiary of MSC Cruises S.A., a global cruise corporation. The website demonstrates a good level of digital maturity with modern technologies and marketing integrations.

M

MSC Cruises Sverige

msccruises.se

74

MSC Cruises Sverige is the Swedish localized website for MSC Cruises, a major international cruise line offering affordable cruises in the Mediterranean, Caribbean, Northern Europe, and worldwide. The site enables customers to book and manage cruises, excursions, drink packages, and other add-ons online, targeting general consumers interested in cruise vacations. The business is positioned as a large transportation and hospitality company with a strong brand presence and a loyalty program (MSC Voyagers Club). Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates marketing and analytics tools like Marketo and Adobe Launch, and is hosted on a CDN likely provided by Akamai. The site is mobile optimized with good SEO and accessibility basics, though some accessibility features could be improved. Performance is moderate, with service workers used for enhanced loading and security. From a security perspective, the site enforces HTTPS and uses service workers for security and performance. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a cookie consent mechanism present but no clearly linked privacy or terms of service pages. Contact information is prominently displayed, but no dedicated security or incident response policies are published. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data for the exact domain is explained by it being a subdomain or alias, with the parent company MSC Cruises S.A. being a reputable entity. Strategic recommendations include publishing clear privacy and security policies, enhancing accessibility, and maintaining regular security audits.

M

MSC Cruises USA

msccruisesusa.com

78

MSC Cruises USA operates as a major cruise line offering vacation packages primarily targeting the US market. The company provides a wide range of cruise deals to popular destinations such as the Caribbean, Bahamas, Mediterranean, and Northern Europe. Their business model focuses on family-friendly and all-inclusive cruise holidays, supported by a professional and well-branded online presence. The website demonstrates a strong market position as part of the global MSC Cruises brand, with consistent branding and clear service offerings. Technically, the site leverages modern JavaScript frameworks like Vue.js, integrates advanced analytics and marketing tools such as Marketo, Google Tag Manager, and Dynatrace, and employs Akamai for hosting and performance optimization. The site is mobile-optimized and accessible, with good SEO practices and comprehensive privacy and cookie policies that comply with GDPR and CCPA regulations. Security posture is strong with HTTPS enforcement, security headers, and consent management, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data for the domain is a concern, suggesting the domain may be newly registered or privacy protected, which slightly reduces trustworthiness. Overall, the site is professional, secure, and compliant, serving a broad general audience with safe content.